need nym-differentiation, perpetual motion, and FTL travel please
-----BEGIN PGP SIGNED MESSAGE----- Hi. I was thinking as I stood in the lunch line talking with Arnaud that what I like about <a href= "http://www-ugrad.cs.colorado.edu/~wilcoxb/faq/DefnOfPseudonymity"> pseudonymity </a> is the part about being free from the threat of violence. I _don't_ like the part about being able to have multiple identities nearly as much. It would really please me if I could figure out a way to reliably determine that Alicenym is not the same human as Bobnym without compromising the anonymity of the human(s) behind Alicenym and Bobnym. (Since if their anonymity was thus compromisable, they would be susceptible to the threat of violence.) Unfortunately I can't think of a good way to have both pseudonymity and nym-differentiation. I think that it is possible, however. Can anyone suggest a mechanism? Regards, Bryce -----BEGIN PGP SIGNATURE----- Version: 2.6.2i Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2 iQB1AwUBMZTal0jbHy8sKZitAQFn0gL+M5h/G1WlI6DMF2ZqQhllx+YDu23HGVdp VJbSd0VuBvqKLtDeJ+css9uZ90nUDcsqT8Dws1xxdU+ejSe2Zh3HYLip3+L3LmWV YDf446Pfswgkgs20HRyPzBs2B8c8JpNm =xJYR -----END PGP SIGNATURE-----
bryce@digicash.com writes:
Unfortunately I can't think of a good way to have both pseudonymity and nym-differentiation. I think that it is possible, however. Can anyone suggest a mechanism?
Terminals which genetically sample their users? Seriously, the problem, as stated, is thoroughly impossible to solve in the real world. Anyone can pretend to be anyone in the non-cyberspace world -- how can you stop them on the net? .pm
-----BEGIN PGP SIGNED MESSAGE----- The entity calling itself "Perry Metzger" <perry@piermont.com> is alleged to have written:
bryce@digicash.com writes:
Unfortunately I can't think of a good way to have both pseudonymity and nym-differentiation. I think that it is possible, however. Can anyone suggest a mechanism?
Terminals which genetically sample their users?
I hate hardware solutions. I'm a software guy. <img alt=":-)" src="http://www-ugrad.cs.colorado.edu/~wilcoxb/smiley.1.gif">
Seriously, the problem, as stated, is thoroughly impossible to solve in the real world. Anyone can pretend to be anyone in the non-cyberspace world -- how can you stop them on the net?
Okay having said I couldn't think of a good way, I'll go ahead and suggest a way. Let's assume that it is possible to stop people from pretending to be anyone in Real Life(tm). (It is possible.) Now let's collect N people and form a Dining-Cryptographers' net. Once the Dining-Cryptographers' net is up-and-running let's put out a call for each of the N participants to announce a public key which will be their nym from now on. Assuming that you get N public keys, you can have _some_ degree of assurance that there is a one-to-one mapping between pubkeys/nyms and humans on the DC-Net. Voila. It's weak and complicated, so I wouldn't call it a "good way", but it _is_ a way to have both pseudonymity and nym-differentiation. Now that I've done this part, would someone else handle the perpetual motion, FTL travel, cold fusion and so forth? Thanks. Regards, Bryce -----BEGIN PGP SIGNATURE----- Version: 2.6.2i Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2 iQB1AwUBMZTpGUjbHy8sKZitAQHK5QMAyYqR6Nv8j2HOMdq2JbTj1ZOiYhN2nbP9 WIwI92NyKVuv+i/PwGk8kkCsaGpq2n89/9JV2uKxvCN12m5on+rWwbDZeWUaHtgg t7UXyGCV7bF8gauFvT1z2JMLmBzumZ4Q =fnkf -----END PGP SIGNATURE-----
bryce@digicash.com writes:
Okay having said I couldn't think of a good way, I'll go ahead and suggest a way.
Let's assume that it is possible to stop people from pretending to be anyone in Real Life(tm). (It is possible.)
How? Identity police taking genetic samples from every person on the planet six times a day? Even that can't prevent me from going to a corner pay phone and calling someone and saying I am Ignatz Ratkin.
Now let's collect N people and form a Dining-Cryptographers' net. Once the Dining-Cryptographers' net is up-and-running let's put out a call for each of the N participants to announce a public key which will be their nym from now on. Assuming that you get N public keys, you can have _some_ degree of assurance that there is a one-to-one mapping between pubkeys/nyms and humans on the DC-Net.
And how do you catch the person who tries to send out two keys? .pm
-----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- The entity calling itself "Perry Metzger" <perry@piermont.com> is alleged to have written:
bryce@digicash.com writes:
Okay having said I couldn't think of a good way, I'll go ahead and suggest a way.
Let's assume that it is possible to stop people from pretending to be anyone in Real Life(tm). (It is possible.)
How? Identity police taking genetic samples from every person on the planet six times a day?
Sure: genetic samples and biometric ID in general, collected by identity police, by "IsAPerson" credential-distribution organizations, and by your friends and family who hang out with you all the time. This prevents, for example, me from pretending to be Arnaud Sahuguet when I'm talking to Berry Schoenmakers, since Berry has gathered a lot of biometric information about Arnaud and about me, such as how we look, sound and (?) smell. That kind of impersonation-prevention within a given set of people is all I need to bootstrap my cool nyms-without- doublenyms system described below. (As an aside Berry can also differentiate Arnaud from me by non-biometric information like the fact that Arnaud speaks better French than I do. On the net, however, it is easier to pretend to speak French.)
Now let's collect N people and form a Dining-Cryptographers' net. Once the Dining-Cryptographers' net is up-and-running let's put out a call for each of the N participants to announce a public key which will be their nym from now on. Assuming that you get N public keys, you can have _some_ degree of assurance that there is a one-to-one mapping between pubkeys/nyms and humans on the DC-Net.
And how do you catch the person who tries to send out two keys?
Simple as pie, because of some of the properties of DC-Nets. If someone sends out the wrong number of pubkeys, then everyone will know, right? So when that happens everyone just reveals their shared-secret data from the DC-Net session. This makes everything that happened during that session public. The disruptor is kicked out of the nym club and we back up a step and generate new pubkeys for ourselves. I'm getting rather interested in DC-Nets. I don't suppose anyone has gone ahead and invented a protocol for DC-Net conversations? It is a _really_ interesting problem, because of the strange requirements of DC-Nets (such as having denial-of-service prevention in the networking layer, and the fact that it is shared-media even up at the network layer) and because of their efficiency (/scaleability) problems. Regards, Bryce - -----BEGIN PGP SIGNATURE----- Version: 2.6.2i Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2 iQB1AwUBMZT2+EjbHy8sKZitAQHOtQL8CFAwvqo3H8+jKGdjeqi7tgjMUyWaYBoA rBzj4vF9VisC2a7Q/bM4iwQD8mahz1EDidhcncWqTxAWXv+vq/Wf3Yhdy7Kb+168 4AuNLpFHLQRhu+0ijuWB77oiKb7jHHk2 =q/v1 - -----END PGP SIGNATURE----- -----BEGIN PGP SIGNATURE----- Version: 2.6.2i Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2 iQB1AwUBMZT3J0jbHy8sKZitAQGrDgL9H1Z8QGNlPB6/thmGxSLu/Tna86aG1/WT /tuGUK4vGAqMAR7M2freIgsqC3iQFO4nHqXzPyT46OJZlpJAUS4zzaE9gvgX7V/T fn9eo75v9HfPRo6eY9VTh/gQP1PdW3gK =zEyz -----END PGP SIGNATURE-----
bryce@digicash.com writes:
How? Identity police taking genetic samples from every person on the planet six times a day?
Sure: genetic samples and biometric ID in general, collected by identity police,
I doubt that will work even were it implemented. Every phone on the planet and terminal would need to constantly do biometric analysis of every user, and even then people could program their terminals to lie.
Now let's collect N people and form a Dining-Cryptographers' net. Once the Dining-Cryptographers' net is up-and-running let's put out a call for each of the N participants to announce a public key which will be their nym from now on. Assuming that you get N public keys, you can have _some_ degree of assurance that there is a one-to-one mapping between pubkeys/nyms and humans on the DC-Net.
And how do you catch the person who tries to send out two keys?
Simple as pie, because of some of the properties of DC-Nets. If someone sends out the wrong number of pubkeys, then everyone will know, right? So when that happens everyone just reveals their shared-secret data from the DC-Net session.
And if several people lie about their shared secrets? Really, you aren't thinking nearly deviously enough. Perry
-----BEGIN PGP SIGNED MESSAGE----- The entity calling itself "Perry Metzger" <perry@piermont.com> is alleged to have written: (> Bryce wrote:)
Simple as pie, because of some of the properties of DC-Nets. If someone sends out the wrong number of pubkeys, then everyone will know, right? So when that happens everyone just reveals their shared-secret data from the DC-Net session.
And if several people lie about their shared secrets?
If some of your N participants are going to collude to share their nyms then it is manifestly impossible to stop them. But that doesn't bother me. The purpose of this scheme is to create N nyms for N people and be sure that each of then N people who wanted a nym got one. If you are sure that each of the N people wanted a nym, then you can be sure you have a one-to-one mapping between people and nyms, but unconditional untraceability from nyms to people. But perhaps what you were talking about was a denial-of-service attack on the DC-Net's network layer. That has been addressed extensively in Chaum's original "Dining Cryptographers" paper. Chaum's method for dealing with denial-of-service attacks is typically brilliant, but even so it is an unwieldly and expensive (in terms of computation and bandwidth) proposition. I recommend "Dining Cryptographers" to everyone, and I hope that someone who reads it will come up with a better solution. Regards, Bryce -----BEGIN PGP SIGNATURE----- Version: 2.6.2i Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.1b2 iQB1AwUBMZWjDEjbHy8sKZitAQEjvAMAq2wCpK+yGUf21bASjiaOYDAPNF8C/ogn HAqVnOYmYQMLUTqff7E+oC8uyUj+uoaQ0Fev8uzQdZZROXtbXx+Ej7gBzBFDrbp1 9mohBEWgbYS28hJH9+X3aoyYm/9wT+HX =xA+6 -----END PGP SIGNATURE-----
This is one of the features in the forthcoming release of Comparichino, the worlds first java compatible internet-secure biometric device. nyms are generated by xoring your key fingerprint with your index fingerprint. Simon --- Cause maybe (maybe) | In my mind I'm going to Carolina you're gonna be the one that saves me | - back in Chapel Hill May 16th. And after all | Email address remains unchanged You're my firewall - | ........First in Usenet.........
participants (3)
-
bryce@digicash.com -
Perry E. Metzger -
Simon Spero